Rizin
unix-like reverse engineering framework and cli tools
Macros | Functions | Variables
analysis_bf.c File Reference
#include <string.h>
#include <rz_types.h>
#include <rz_lib.h>
#include <rz_asm.h>
#include <rz_analysis.h>

Go to the source code of this file.

Macros

#define BF_ADDR_MEM   0x10000
 
#define BF_ADDR_SIZE   64
 
#define BF_BYTE_SIZE   8
 
#define BF_ID_STACK   32
 
#define bf_il_ptr()   rz_il_op_new_var("ptr", RZ_IL_VAR_KIND_GLOBAL)
 
#define bf_il_set_ptr(x)   rz_il_op_new_set("ptr", false, x)
 
#define bf_il_one(l)   rz_il_op_new_bitv_from_ut64(l, 1)
 

Functions

static int getid (char ch)
 
static void bf_syscall_read (RzILVM *vm, RzILOpEffect *op)
 
static void bf_syscall_write (RzILVM *vm, RzILOpEffect *op)
 
RzILOpEffectbf_right_arrow ()
 
RzILOpEffectbf_left_arrow ()
 
RzILOpEffectbf_inc ()
 
RzILOpEffectbf_dec ()
 
RzILOpEffectbf_out ()
 
RzILOpEffectbf_in ()
 
static ut64 find_matching_bracket (RzAnalysis *analysis, ut64 addr, int dir)
 
RzILOpEffectbf_llimit (RzAnalysis *analysis, ut64 addr, ut64 target)
 
RzILOpEffectbf_rlimit (RzAnalysis *analysis, ut64 addr, ut64 target)
 
static RzAnalysisILConfigil_config (RzAnalysis *analysis)
 
static int bf_op (RzAnalysis *analysis, RzAnalysisOp *op, ut64 addr, const ut8 *buf, int len, RzAnalysisOpMask mask)
 
static char * get_reg_profile (RzAnalysis *analysis)
 

Variables

RzAnalysisPlugin rz_analysis_plugin_bf
 
RZ_API RzLibStruct rizin_plugin
 

Macro Definition Documentation

◆ BF_ADDR_MEM

#define BF_ADDR_MEM   0x10000

Definition at line 18 of file analysis_bf.c.

◆ BF_ADDR_SIZE

#define BF_ADDR_SIZE   64

Definition at line 19 of file analysis_bf.c.

◆ BF_BYTE_SIZE

#define BF_BYTE_SIZE   8

Definition at line 20 of file analysis_bf.c.

◆ BF_ID_STACK

#define BF_ID_STACK   32

Definition at line 21 of file analysis_bf.c.

◆ bf_il_one

#define bf_il_one (   l)    rz_il_op_new_bitv_from_ut64(l, 1)

Definition at line 25 of file analysis_bf.c.

◆ bf_il_ptr

#define bf_il_ptr ( )    rz_il_op_new_var("ptr", RZ_IL_VAR_KIND_GLOBAL)

Definition at line 23 of file analysis_bf.c.

◆ bf_il_set_ptr

#define bf_il_set_ptr (   x)    rz_il_op_new_set("ptr", false, x)

Definition at line 24 of file analysis_bf.c.

Function Documentation

◆ bf_dec()

RzILOpEffect* bf_dec ( )

Definition at line 74 of file analysis_bf.c.

74  {
75  // (store mem (var ptr) (- (load (var ptr)) (int 1)))
76  // mem == 0 because is the only mem in bf
77  RzILOpBitVector *load = rz_il_op_new_load(0, bf_il_ptr());
78  RzILOpBitVector *sub = rz_il_op_new_sub(load, bf_il_one(BF_BYTE_SIZE));
79  return rz_il_op_new_store(0, bf_il_ptr(), sub);
80 }
BF_BYTE_SIZE
#define BF_BYTE_SIZE
Definition: analysis_bf.c:20
bf_il_ptr
#define bf_il_ptr()
Definition: analysis_bf.c:23
bf_il_one
#define bf_il_one(l)
Definition: analysis_bf.c:25
rz_il_op_new_load
RZ_API RZ_OWN RzILOpPure * rz_il_op_new_load(RzILMemIndex mem, RZ_NONNULL RzILOpPure *key)
Helper to create RzILOpArgsLoad.
Definition: il_opcodes.c:718
rz_il_op_new_sub
RZ_API RZ_OWN RzILOpBitVector * rz_il_op_new_sub(RZ_NONNULL RzILOpBitVector *x, RZ_NONNULL RzILOpBitVector *y)
op structure for two-operand algorithm and logical operations ('s bitv -> 's bitv -> 's bitv)
Definition: il_opcodes.c:409
rz_il_op_new_store
RZ_API RZ_OWN RzILOpEffect * rz_il_op_new_store(RzILMemIndex mem, RZ_NONNULL RzILOpBitVector *key, RZ_NONNULL RzILOpBitVector *value)
Helper to create RzILOpArgsStoreW.
Definition: il_opcodes.c:728
load
void * load(const char *name, size_t *len)
Definition: pufftest.c:60
rz_il_op_pure_t
An IL op performing a pure computation, 'a pure.
Definition: rz_il_opcodes.h:399

References BF_BYTE_SIZE, bf_il_one, bf_il_ptr, load(), rz_il_op_new_load(), rz_il_op_new_store(), and rz_il_op_new_sub().

Referenced by bf_op().

◆ bf_in()

RzILOpEffect* bf_in ( )

Definition at line 87 of file analysis_bf.c.

87  {
88  // (goto hook_read)
89  return rz_il_op_new_goto("read");
90 }
rz_il_op_new_goto
RZ_API RZ_OWN RzILOpEffect * rz_il_op_new_goto(RZ_NONNULL const char *lbl)
op structure for goto (label -> ctrl eff)
Definition: il_opcodes.c:601

References rz_il_op_new_goto().

Referenced by bf_op().

◆ bf_inc()

RzILOpEffect* bf_inc ( )

Definition at line 66 of file analysis_bf.c.

66  {
67  // (store mem (var ptr) (+ (load (var ptr)) (int 1)))
68  // mem == 0 because is the only mem in bf
69  RzILOpBitVector *load = rz_il_op_new_load(0, bf_il_ptr());
70  RzILOpBitVector *add = rz_il_op_new_add(load, bf_il_one(BF_BYTE_SIZE));
71  return rz_il_op_new_store(0, bf_il_ptr(), add);
72 }
rz_il_op_new_add
RZ_API RZ_OWN RzILOpBitVector * rz_il_op_new_add(RZ_NONNULL RzILOpBitVector *x, RZ_NONNULL RzILOpBitVector *y)
op structure for two-operand algorithm and logical operations ('s bitv -> 's bitv -> 's bitv)
Definition: il_opcodes.c:397
add
static int add(char *argv[])
Definition: ziptool.c:84

References add(), BF_BYTE_SIZE, bf_il_one, bf_il_ptr, load(), rz_il_op_new_add(), rz_il_op_new_load(), and rz_il_op_new_store().

Referenced by bf_op().

◆ bf_left_arrow()

RzILOpEffect* bf_left_arrow ( )

Definition at line 60 of file analysis_bf.c.

60  {
61  // (set ptr (- (val ptr) (int 1)))
62  RzILOpBitVector *sub = rz_il_op_new_sub(bf_il_ptr(), bf_il_one(BF_ADDR_SIZE));
63  return bf_il_set_ptr(sub);
64 }
bf_il_set_ptr
#define bf_il_set_ptr(x)
Definition: analysis_bf.c:24
BF_ADDR_SIZE
#define BF_ADDR_SIZE
Definition: analysis_bf.c:19

References BF_ADDR_SIZE, bf_il_one, bf_il_ptr, bf_il_set_ptr, and rz_il_op_new_sub().

Referenced by bf_op().

◆ bf_llimit()

RzILOpEffect* bf_llimit ( RzAnalysis analysis,
ut64  addr,
ut64  target 
)

Definition at line 131 of file analysis_bf.c.

131  {
132  // (perform (branch (load mem (var ptr))
133  // (do nothing)
134  // (goto ]))
135  RzILOpBitVector *var = rz_il_op_new_var("ptr", RZ_IL_VAR_KIND_GLOBAL);
136  RzILOpBool *cond = rz_il_op_new_non_zero(rz_il_op_new_load(0, var));
137  // goto ]
138  RzILOpEffect *jmp = rz_il_op_new_jmp(rz_il_op_new_bitv_from_ut64(64, target));
139  // branch if (load mem (var ptr)) is false then goto ]
140  return rz_il_op_new_branch(cond, NULL, jmp);
141 }
jmp
#define jmp
Definition: analysis_8051.c:401
NULL
#define NULL
Definition: cris-opc.c:27
rz_il_op_new_branch
RZ_API RZ_OWN RzILOpEffect * rz_il_op_new_branch(RZ_NONNULL RzILOpBool *condition, RZ_NULLABLE RzILOpEffect *true_eff, RZ_NULLABLE RzILOpEffect *false_eff)
op structure for branch (bool -> 'a eff -> 'a eff -> 'a eff)
Definition: il_opcodes.c:702
rz_il_op_new_jmp
RZ_API RZ_OWN RzILOpEffect * rz_il_op_new_jmp(RZ_NONNULL RzILOpBitVector *dst)
op structure for jmp (_ bitv -> ctrl eff)
Definition: il_opcodes.c:589
rz_il_op_new_bitv_from_ut64
RZ_API RZ_OWN RzILOpBool * rz_il_op_new_bitv_from_ut64(ut32 length, ut64 number)
op structure for bitvector converted from ut64
Definition: il_opcodes.c:173
rz_il_op_new_non_zero
RZ_API RZ_OWN RzILOpBool * rz_il_op_new_non_zero(RZ_NONNULL RzILOpPure *bv)
Definition: il_opcodes.c:243
rz_il_op_new_var
RZ_API RZ_OWN RzILOpPure * rz_il_op_new_var(RZ_NONNULL const char *v, RzILVarKind kind)
op structure for var ('a var -> 'a pure)
Definition: il_opcodes.c:65
cond
#define cond(bop, top, mask, flags)
rz_il_op_effect_t
Definition: rz_il_opcodes.h:511
RZ_IL_VAR_KIND_GLOBAL
@ RZ_IL_VAR_KIND_GLOBAL
global var, usually bound to a physical representation like a register.
Definition: variable.h:47

References cond, jmp, NULL, rz_il_op_new_bitv_from_ut64(), rz_il_op_new_branch(), rz_il_op_new_jmp(), rz_il_op_new_load(), rz_il_op_new_non_zero(), rz_il_op_new_var(), and RZ_IL_VAR_KIND_GLOBAL.

Referenced by bf_op().

◆ bf_op()

static int bf_op ( RzAnalysis analysis,
RzAnalysisOp op,
ut64  addr,
const ut8 buf,
int  len,
RzAnalysisOpMask  mask 
)
static

Definition at line 173 of file analysis_bf.c.

173  {
174  rz_return_val_if_fail(analysis && op, -1);
175 
176  op->size = 1;
177  op->id = getid(buf[0]);
178  op->addr = addr;
179 
180  switch (buf[0]) {
181  case '[':
182  // Find the jump target, +1 because we jump directly after the matching bracket.
183  // If not found this returns UT64_MAX, so this overflows to 0, which is considered the "invalid"
184  // value for RzAnalysisOp, so it's fine.
185  op->jump = find_matching_bracket(analysis, addr, 1) + 1;
186  if (mask & RZ_ANALYSIS_OP_MASK_IL) {
187  op->il_op = bf_llimit(analysis, addr, op->jump);
188  }
189  op->type = RZ_ANALYSIS_OP_TYPE_CJMP;
190  op->fail = addr + 1;
191  break;
192  case ']':
193  // same idea for target as above
194  op->jump = find_matching_bracket(analysis, addr, -1) + 1;
195  if (mask & RZ_ANALYSIS_OP_MASK_IL) {
196  op->il_op = bf_rlimit(analysis, addr, op->jump);
197  }
198  op->type = RZ_ANALYSIS_OP_TYPE_UJMP;
199  break;
200  case '>':
201  op->type = RZ_ANALYSIS_OP_TYPE_ADD;
202  if (mask & RZ_ANALYSIS_OP_MASK_IL) {
203  op->il_op = bf_right_arrow();
204  }
205  break;
206  case '<':
207  op->type = RZ_ANALYSIS_OP_TYPE_SUB;
208  if (mask & RZ_ANALYSIS_OP_MASK_IL) {
209  op->il_op = bf_left_arrow();
210  }
211  break;
212  case '+':
213  op->type = RZ_ANALYSIS_OP_TYPE_ADD;
214  if (mask & RZ_ANALYSIS_OP_MASK_IL) {
215  op->il_op = bf_inc();
216  }
217  break;
218  case '-':
219  op->type = RZ_ANALYSIS_OP_TYPE_SUB;
220  if (mask & RZ_ANALYSIS_OP_MASK_IL) {
221  op->il_op = bf_dec();
222  }
223  break;
224  case '.':
225  if (mask & RZ_ANALYSIS_OP_MASK_IL) {
226  op->il_op = bf_out();
227  }
228  op->type = RZ_ANALYSIS_OP_TYPE_STORE;
229  break;
230  case ',':
231  if (mask & RZ_ANALYSIS_OP_MASK_IL) {
232  op->il_op = bf_in();
233  }
234  op->type = RZ_ANALYSIS_OP_TYPE_LOAD;
235  break;
236  case 0x00:
237  case 0xff:
238  op->type = RZ_ANALYSIS_OP_TYPE_TRAP;
239  break;
240  default:
241  op->type = RZ_ANALYSIS_OP_TYPE_NOP;
242  if (mask & RZ_ANALYSIS_OP_MASK_IL) {
243  op->il_op = rz_il_op_new_nop();
244  }
245  break;
246  }
247  return op->size;
248 }
bf_right_arrow
RzILOpEffect * bf_right_arrow()
Definition: analysis_bf.c:54
bf_dec
RzILOpEffect * bf_dec()
Definition: analysis_bf.c:74
getid
static int getid(char ch)
Definition: analysis_bf.c:11
bf_left_arrow
RzILOpEffect * bf_left_arrow()
Definition: analysis_bf.c:60
find_matching_bracket
static ut64 find_matching_bracket(RzAnalysis *analysis, ut64 addr, int dir)
Definition: analysis_bf.c:95
bf_out
RzILOpEffect * bf_out()
Definition: analysis_bf.c:82
bf_inc
RzILOpEffect * bf_inc()
Definition: analysis_bf.c:66
bf_rlimit
RzILOpEffect * bf_rlimit(RzAnalysis *analysis, ut64 addr, ut64 target)
Definition: analysis_bf.c:143
bf_llimit
RzILOpEffect * bf_llimit(RzAnalysis *analysis, ut64 addr, ut64 target)
Definition: analysis_bf.c:131
bf_in
RzILOpEffect * bf_in()
Definition: analysis_bf.c:87
mask
#define mask()
Definition: analysis_h8300.c:39
rz_il_op_new_nop
RZ_API RZ_OWN RzILOpEffect * rz_il_op_new_nop()
Definition: il_opcodes.c:566
buf
voidpf void * buf
Definition: ioapi.h:138
RZ_ANALYSIS_OP_MASK_IL
@ RZ_ANALYSIS_OP_MASK_IL
Definition: rz_analysis.h:446
RZ_ANALYSIS_OP_TYPE_SUB
@ RZ_ANALYSIS_OP_TYPE_SUB
Definition: rz_analysis.h:402
RZ_ANALYSIS_OP_TYPE_LOAD
@ RZ_ANALYSIS_OP_TYPE_LOAD
Definition: rz_analysis.h:416
RZ_ANALYSIS_OP_TYPE_UJMP
@ RZ_ANALYSIS_OP_TYPE_UJMP
Definition: rz_analysis.h:369
RZ_ANALYSIS_OP_TYPE_TRAP
@ RZ_ANALYSIS_OP_TYPE_TRAP
Definition: rz_analysis.h:392
RZ_ANALYSIS_OP_TYPE_ADD
@ RZ_ANALYSIS_OP_TYPE_ADD
Definition: rz_analysis.h:401
RZ_ANALYSIS_OP_TYPE_STORE
@ RZ_ANALYSIS_OP_TYPE_STORE
Definition: rz_analysis.h:415
RZ_ANALYSIS_OP_TYPE_CJMP
@ RZ_ANALYSIS_OP_TYPE_CJMP
Definition: rz_analysis.h:373
RZ_ANALYSIS_OP_TYPE_NOP
@ RZ_ANALYSIS_OP_TYPE_NOP
Definition: rz_analysis.h:389
rz_return_val_if_fail
#define rz_return_val_if_fail(expr, val)
Definition: rz_assert.h:108
op
Definition: dis.c:32
addr
static int addr
Definition: z80asm.c:58

References addr, bf_dec(), bf_in(), bf_inc(), bf_left_arrow(), bf_llimit(), bf_out(), bf_right_arrow(), bf_rlimit(), find_matching_bracket(), getid(), mask, RZ_ANALYSIS_OP_MASK_IL, RZ_ANALYSIS_OP_TYPE_ADD, RZ_ANALYSIS_OP_TYPE_CJMP, RZ_ANALYSIS_OP_TYPE_LOAD, RZ_ANALYSIS_OP_TYPE_NOP, RZ_ANALYSIS_OP_TYPE_STORE, RZ_ANALYSIS_OP_TYPE_SUB, RZ_ANALYSIS_OP_TYPE_TRAP, RZ_ANALYSIS_OP_TYPE_UJMP, rz_il_op_new_nop(), and rz_return_val_if_fail.

◆ bf_out()

RzILOpEffect* bf_out ( )

Definition at line 82 of file analysis_bf.c.

82  {
83  // (goto write)
84  return rz_il_op_new_goto("write");
85 }

References rz_il_op_new_goto().

Referenced by bf_op().

◆ bf_right_arrow()

RzILOpEffect* bf_right_arrow ( )

Definition at line 54 of file analysis_bf.c.

54  {
55  // (set ptr (+ (val ptr) (int 1)))
56  RzILOpBitVector *add = rz_il_op_new_add(bf_il_ptr(), bf_il_one(BF_ADDR_SIZE));
57  return bf_il_set_ptr(add);
58 }

References add(), BF_ADDR_SIZE, bf_il_one, bf_il_ptr, bf_il_set_ptr, and rz_il_op_new_add().

Referenced by bf_op().

◆ bf_rlimit()

RzILOpEffect* bf_rlimit ( RzAnalysis analysis,
ut64  addr,
ut64  target 
)

Definition at line 143 of file analysis_bf.c.

143  {
144  // (perform (branch (load mem (var ptr))
145  // (goto [)
146  // (do nothing))
147  RzILOpBitVector *var = rz_il_op_new_var("ptr", RZ_IL_VAR_KIND_GLOBAL);
148  RzILOpBool *cond = rz_il_op_new_non_zero(rz_il_op_new_load(0, var));
149  // goto [
150  RzILOpEffect *jmp = rz_il_op_new_jmp(rz_il_op_new_bitv_from_ut64(64, target));
151  // branch if (load mem (var ptr)) is true then goto ]
152  RzILOpEffect *branch = rz_il_op_new_branch(cond, jmp, NULL);
153  return branch;
154 }

References test-lz4-speed::branch, cond, jmp, NULL, rz_il_op_new_bitv_from_ut64(), rz_il_op_new_branch(), rz_il_op_new_jmp(), rz_il_op_new_load(), rz_il_op_new_non_zero(), rz_il_op_new_var(), and RZ_IL_VAR_KIND_GLOBAL.

Referenced by bf_op().

◆ bf_syscall_read()

static void bf_syscall_read ( RzILVM vm,
RzILOpEffect op 
)
static

Definition at line 27 of file analysis_bf.c.

27  {
28  ut8 c = getc(stdin);
29  RzBitVector *bv = rz_bv_new_from_ut64(BF_BYTE_SIZE, c);
30  RzILVal *ptr_val = rz_il_vm_get_var_value(vm, RZ_IL_VAR_KIND_GLOBAL, "ptr");
31  if (ptr_val->type == RZ_IL_TYPE_PURE_BITVECTOR) {
32  rz_il_vm_mem_store(vm, 0, ptr_val->data.bv, bv);
33  } else {
34  rz_warn_if_reached();
35  }
36  rz_bv_free(bv);
37 }
rz_il_vm_get_var_value
RZ_API RZ_BORROW RzILVal * rz_il_vm_get_var_value(RZ_NONNULL RzILVM *vm, RzILVarKind kind, const char *name)
Definition: il_vm.c:264
rz_il_vm_mem_store
RZ_API void rz_il_vm_mem_store(RzILVM *vm, RzILMemIndex index, RzBitVector *key, RzBitVector *value)
Definition: il_vm_eval.c:144
ut8
uint8_t ut8
Definition: lh5801.h:11
rz_warn_if_reached
#define rz_warn_if_reached()
Definition: rz_assert.h:29
rz_bv_free
RZ_API void rz_bv_free(RZ_NULLABLE RzBitVector *bv)
Definition: bitvector.c:85
rz_bv_new_from_ut64
RZ_API RZ_OWN RzBitVector * rz_bv_new_from_ut64(ut32 length, ut64 value)
Definition: bitvector.c:1161
c
#define c(i)
Definition: sha256.c:43
RZ_IL_TYPE_PURE_BITVECTOR
@ RZ_IL_TYPE_PURE_BITVECTOR
Definition: sort.h:25
bitvector_t
structure for bitvector
Definition: rz_bitvector.h:19
rz_il_val_t
Definition: value.h:24
rz_il_val_t::data
RzValUnion data
data pointer
Definition: value.h:26
rz_il_val_t::type
RzILTypePure type
type of value
Definition: value.h:25
RzValUnion::bv
RzBitVector * bv
Definition: value.h:17

References BF_BYTE_SIZE, RzValUnion::bv, c, rz_il_val_t::data, rz_bv_free(), rz_bv_new_from_ut64(), RZ_IL_TYPE_PURE_BITVECTOR, RZ_IL_VAR_KIND_GLOBAL, rz_il_vm_get_var_value(), rz_il_vm_mem_store(), rz_warn_if_reached, and rz_il_val_t::type.

Referenced by il_config().

◆ bf_syscall_write()

static void bf_syscall_write ( RzILVM vm,
RzILOpEffect op 
)
static

Definition at line 39 of file analysis_bf.c.

39  {
40  RzILVal *ptr_val = rz_il_vm_get_var_value(vm, RZ_IL_VAR_KIND_GLOBAL, "ptr");
41  if (ptr_val->type != RZ_IL_TYPE_PURE_BITVECTOR) {
42  rz_warn_if_reached();
43  return;
44  }
45  RzBitVector *bv = rz_il_vm_mem_load(vm, 0, ptr_val->data.bv);
46  ut32 c = rz_bv_to_ut32(bv);
47  if (c) {
48  putchar(c);
49  fflush(stdout);
50  }
51  rz_bv_free(bv);
52 }
ut32
uint32_t ut32
Definition: demangler_util.h:31
rz_il_vm_mem_load
RZ_API RzBitVector * rz_il_vm_mem_load(RzILVM *vm, RzILMemIndex index, RzBitVector *key)
Definition: il_vm_eval.c:124
rz_bv_to_ut32
RZ_API ut32 rz_bv_to_ut32(RZ_NONNULL const RzBitVector *x)
Definition: bitvector.c:1435

References RzValUnion::bv, c, rz_il_val_t::data, rz_bv_free(), rz_bv_to_ut32(), RZ_IL_TYPE_PURE_BITVECTOR, RZ_IL_VAR_KIND_GLOBAL, rz_il_vm_get_var_value(), rz_il_vm_mem_load(), rz_warn_if_reached, and rz_il_val_t::type.

Referenced by il_config().

◆ find_matching_bracket()

static ut64 find_matching_bracket ( RzAnalysis analysis,
ut64  addr,
int  dir 
)
static

Search matching [ or ] starting at addr in direction given by dir (-1 or 1)

Definition at line 95 of file analysis_bf.c.

95  {
96  if (!analysis->read_at) {
97  return UT64_MAX;
98  }
99  static const ut64 max_dist = 2048; // some upper bound to avoid (almost) infinite loops
100  ut64 dist = 0;
101  int lev = dir;
102  while (dist < max_dist) {
103  dist++;
104  addr += dir;
105  if (addr == UT64_MAX) {
106  break;
107  }
108  ut8 c;
109  analysis->read_at(analysis, addr, &c, 1);
110  switch (c) {
111  case '[':
112  lev++;
113  break;
114  case ']':
115  lev--;
116  break;
117  case 0:
118  case 0xff:
119  // invalid code
120  return UT64_MAX;
121  default:
122  continue;
123  }
124  if (lev == 0) {
125  return addr;
126  }
127  }
128  return UT64_MAX;
129 }
UT64_MAX
#define UT64_MAX
Definition: rz_types_base.h:86
rz_analysis_t::read_at
bool(* read_at)(struct rz_analysis_t *analysis, ut64 addr, ut8 *buf, int len)
Definition: rz_analysis.h:614
ut64
ut64(WINAPI *w32_GetEnabledXStateFeatures)()

References addr, c, rz_analysis_t::read_at, ut64(), and UT64_MAX.

Referenced by bf_op().

◆ get_reg_profile()

static char* get_reg_profile ( RzAnalysis analysis)
static

Definition at line 250 of file analysis_bf.c.

250  {
251  return strdup(
252  "=PC pc\n"
253  "=BP ptr\n"
254  "=SP ptr\n"
255  "=A0 ptr\n"
256  "=A1 ptr\n"
257  "=A2 ptr\n"
258  "=A3 ptr\n"
259  "gpr ptr .64 0 0\n" // data pointer
260  "gpr pc .64 8 0\n" // program counter
261  );
262 }
strdup
return strdup("=SP r13\n" "=LR r14\n" "=PC r15\n" "=A0 r0\n" "=A1 r1\n" "=A2 r2\n" "=A3 r3\n" "=ZF zf\n" "=SF nf\n" "=OF vf\n" "=CF cf\n" "=SN or0\n" "gpr lr .32 56 0\n" "gpr pc .32 60 0\n" "gpr cpsr .32 64 0 ____tfiae_________________qvczn\n" "gpr or0 .32 68 0\n" "gpr tf .1 64.5 0 thumb\n" "gpr ef .1 64.9 0 endian\n" "gpr jf .1 64.24 0 java\n" "gpr qf .1 64.27 0 sticky_overflow\n" "gpr vf .1 64.28 0 overflow\n" "gpr cf .1 64.29 0 carry\n" "gpr zf .1 64.30 0 zero\n" "gpr nf .1 64.31 0 negative\n" "gpr itc .4 64.10 0 if_then_count\n" "gpr gef .4 64.16 0 great_or_equal\n" "gpr r0 .32 0 0\n" "gpr r1 .32 4 0\n" "gpr r2 .32 8 0\n" "gpr r3 .32 12 0\n" "gpr r4 .32 16 0\n" "gpr r5 .32 20 0\n" "gpr r6 .32 24 0\n" "gpr r7 .32 28 0\n" "gpr r8 .32 32 0\n" "gpr r9 .32 36 0\n" "gpr r10 .32 40 0\n" "gpr r11 .32 44 0\n" "gpr r12 .32 48 0\n" "gpr r13 .32 52 0\n" "gpr r14 .32 56 0\n" "gpr r15 .32 60 0\n" "gpr r16 .32 64 0\n" "gpr r17 .32 68 0\n")

References strdup().

◆ getid()

static int getid ( char  ch)
static

Definition at line 11 of file analysis_bf.c.

11  {
12  const char *keys = "[]<>+-,.";
13  const char *cidx = strchr(keys, ch);
14  return cidx ? cidx - keys + 1 : 0;
15 }
keys
static struct @218 keys[]

References keys.

Referenced by bf_op().

◆ il_config()

static RzAnalysisILConfig* il_config ( RzAnalysis analysis)
static

Definition at line 156 of file analysis_bf.c.

156  {
157  RzAnalysisILConfig *cfg = rz_analysis_il_config_new(64, false, 64);
158  cfg->init_state = rz_analysis_il_init_state_new();
159  if (!cfg->init_state) {
160  rz_analysis_il_config_free(cfg);
161  return NULL;
162  }
163  rz_analysis_il_init_state_set_var(cfg->init_state, "ptr", rz_il_value_new_bitv(rz_bv_new_from_ut64(64, BF_ADDR_MEM)));
164  RzILEffectLabel *read_label = rz_il_effect_label_new("read", EFFECT_LABEL_SYSCALL);
165  read_label->hook = bf_syscall_read;
166  rz_analysis_il_config_add_label(cfg, read_label);
167  RzILEffectLabel *write_label = rz_il_effect_label_new("write", EFFECT_LABEL_HOOK);
168  write_label->hook = bf_syscall_write;
169  rz_analysis_il_config_add_label(cfg, write_label);
170  return cfg;
171 }
bf_syscall_read
static void bf_syscall_read(RzILVM *vm, RzILOpEffect *op)
Definition: analysis_bf.c:27
bf_syscall_write
static void bf_syscall_write(RzILVM *vm, RzILOpEffect *op)
Definition: analysis_bf.c:39
BF_ADDR_MEM
#define BF_ADDR_MEM
Definition: analysis_bf.c:18
rz_analysis_il_config_add_label
RZ_API void rz_analysis_il_config_add_label(RZ_NONNULL RzAnalysisILConfig *cfg, RZ_NONNULL RZ_OWN RzILEffectLabel *label)
Definition: analysis_il.c:77
rz_analysis_il_config_new
RZ_API RZ_OWN RzAnalysisILConfig * rz_analysis_il_config_new(ut32 pc_size, bool big_endian, ut32 mem_key_size)
Definition: analysis_il.c:53
rz_analysis_il_config_free
RZ_API void rz_analysis_il_config_free(RzAnalysisILConfig *cfg)
Definition: analysis_il.c:66
rz_analysis_il_init_state_new
RZ_API RzAnalysisILInitState * rz_analysis_il_init_state_new()
Definition: analysis_il.c:19
rz_analysis_il_init_state_set_var
RZ_API void rz_analysis_il_init_state_set_var(RZ_NONNULL RzAnalysisILInitState *state, RZ_NONNULL const char *name, RZ_NONNULL RZ_OWN RzILVal *val)
Definition: analysis_il.c:38
rz_il_value_new_bitv
RZ_API RZ_OWN RzILVal * rz_il_value_new_bitv(RZ_NONNULL RzBitVector *bv)
Definition: value.c:28
rz_il_effect_label_new
RZ_API RzILEffectLabel * rz_il_effect_label_new(RZ_NONNULL const char *name, RzILEffectLabelType type)
Definition: label.c:6
EFFECT_LABEL_HOOK
@ EFFECT_LABEL_HOOK
Definition: label.h:20
EFFECT_LABEL_SYSCALL
@ EFFECT_LABEL_SYSCALL
Definition: label.h:19
rz_analysis_il_config_t
Description of the global context of an RzAnalysisILVM.
Definition: rz_analysis.h:1134
rz_analysis_il_config_t::init_state
RZ_NULLABLE RzAnalysisILInitState * init_state
optional, initial contents for variables/registers, etc.
Definition: rz_analysis.h:1144
rz_il_effect_label_t
Definition: label.h:24
rz_il_effect_label_t::hook
void * hook
Function pointer if EFFECT_LABEL_SYSCALL / EFFECT_LABEL_HOOK.
Definition: label.h:28

References BF_ADDR_MEM, bf_syscall_read(), bf_syscall_write(), EFFECT_LABEL_HOOK, EFFECT_LABEL_SYSCALL, rz_il_effect_label_t::hook, rz_analysis_il_config_t::init_state, NULL, rz_analysis_il_config_add_label(), rz_analysis_il_config_free(), rz_analysis_il_config_new(), rz_analysis_il_init_state_new(), rz_analysis_il_init_state_set_var(), rz_bv_new_from_ut64(), rz_il_effect_label_new(), and rz_il_value_new_bitv().

Variable Documentation

◆ rizin_plugin

RZ_API RzLibStruct rizin_plugin
Initial value:
= {
.type = RZ_LIB_TYPE_ANALYSIS,
.data = &rz_analysis_plugin_bf,
.version = RZ_VERSION
}
rz_analysis_plugin_bf
RzAnalysisPlugin rz_analysis_plugin_bf
Definition: analysis_bf.c:264
RZ_LIB_TYPE_ANALYSIS
@ RZ_LIB_TYPE_ANALYSIS
Definition: rz_lib.h:73
RZ_VERSION
#define RZ_VERSION
Definition: rz_version.h:8
rz_analysis_plugin_t::version
const char * version
Definition: rz_analysis.h:1239

Definition at line 276 of file analysis_bf.c.

◆ rz_analysis_plugin_bf

RzAnalysisPlugin rz_analysis_plugin_bf
Initial value:
= {
.name = "bf",
.desc = "brainfuck code analysis plugin",
.license = "LGPL3",
.arch = "bf",
.bits = 64,
.op = &bf_op,
.get_reg_profile = get_reg_profile,
.il_config = il_config
}
get_reg_profile
static char * get_reg_profile(RzAnalysis *analysis)
Definition: analysis_bf.c:250
il_config
static RzAnalysisILConfig * il_config(RzAnalysis *analysis)
Definition: analysis_bf.c:156
bf_op
static int bf_op(RzAnalysis *analysis, RzAnalysisOp *op, ut64 addr, const ut8 *buf, int len, RzAnalysisOpMask mask)
Definition: analysis_bf.c:173

Definition at line 264 of file analysis_bf.c.